package com.hsgene.user.controller.token;

import com.hsgene.common.util.resolver.IgnoreUserToken;
import com.hsgene.common.util.result.ApiResult;
import com.hsgene.common.util.web.session.UserSession;
import com.hsgene.user.session.UserSessionComponent;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpSession;

/**
 * AccessToken相关接口
 *
 * @author wangbing
 * @version 1.0, 2018/7/6
 */
@RestController
@RequestMapping("/access_token")
public class AccessTokenController {

    @Autowired
    private UserSessionComponent userSessionComponent;

    /**
     * 刷新用户令牌
     *
     * @param sessionId    用户会话ID
     * @param refreshToken 刷新令牌
     * @param session
     * @return 刷新用户令牌，返回null表示刷新失败
     */
    @IgnoreUserToken
    @RequestMapping(value = "", method = RequestMethod.PUT)
    public ApiResult<UserSession> refreshAccessToken(
            @RequestHeader("session_id") String sessionId,
            @RequestHeader("refresh_token") String refreshToken, HttpSession session) {
        return userSessionComponent.updateAccessToken(session, sessionId, refreshToken);
    }
}
